Date: Tue, 29 Aug 2000 16:08:12 -0400
From: Allen Landsidel <all@biosys.net>
To: <freebsd-questions@FreeBSD.ORG>
Subject: Re: IPFW
Message-ID: <4.3.2.7.2.20000829160525.00b2bd60@mail.megapathdsl.net>
In-Reply-To: <011701c011ba$518788c0$df026b83@jason>

At 09:09 08/29/2000 -0400, Jason wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>I have recently installed a FreeBSD 4.0-Release box and I am working
>on setting up a firewall and I am a bit stumped on a couple of rules.
>I am trying to get FTP to work and have setup the following rules
>
>pass tcp from any ftp\\-data-ftp to 192.168.10.2 setup
>pass udp from any ftp\\-data-ftp to 192.168.10.2
>
>the last rule is 'drop all from any to any'. I can't seem to get ftp
>to work if I leave in the 'drop all from any to any' rule. I have
>never worked with ipfw before so please don't be too harsh. TIA...

You have to pass on the outgoing also. In general, you can be pretty
secure with (assuming ed0 is outside, ed1 is inside) these three rules...

    allow all from any to any recv ed1
    allow all from any to any established
    deny all from any to any

change to suit for servers running on the inside.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
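
The following is an added example, not part of the original message and not ipfw code: a small Python model of first-match rule evaluation over the three rules in the reply. It assumes the reply's interface roles (ed0 outside, ed1 inside) and models `established` as ipfw(8) documents it (TCP packets with the ACK or RST bit set); the sample packets are constructed. It shows that sessions opened from the inside and their replies pass, while a data connection that an FTP server opens toward the client in active mode is denied, so FTP through this ruleset works in passive mode only.

```python
# Constructed model of ipfw first-match evaluation (illustration only).
from collections import namedtuple

# proto: "tcp"/"udp"; recv_if: interface the packet arrived on;
# flags: set of TCP flag names; note: human-readable description.
Packet = namedtuple("Packet", "proto recv_if flags note")

def established(p):
    # ipfw(8): "established" matches TCP packets with RST or ACK set.
    return p.proto == "tcp" and bool(p.flags & {"ACK", "RST"})

# The three rules from the reply, in order (ed1 = inside, ed0 = outside).
RULES = [
    ("allow all from any to any recv ed1", "allow",
     lambda p: p.recv_if == "ed1"),
    ("allow all from any to any established", "allow", established),
    ("deny all from any to any", "deny", lambda p: True),
]

def evaluate(p):
    """Return (action, rule_text) for the first rule that matches p."""
    for text, action, match in RULES:
        if match(p):
            return action, text
    return "deny", "(no rule matched)"

# Constructed sample packets, as seen by the firewall.
SAMPLES = [
    Packet("tcp", "ed1", {"SYN"}, "inside client opens FTP control (port 21)"),
    Packet("tcp", "ed0", {"SYN", "ACK"}, "server answers the control SYN"),
    Packet("tcp", "ed1", {"SYN"}, "passive mode: client opens data connection"),
    Packet("tcp", "ed0", {"SYN"}, "active mode: server opens data from port 20"),
    Packet("tcp", "ed0", {"SYN"}, "unsolicited connection from outside"),
]

if __name__ == "__main__":
    for p in SAMPLES:
        action, rule = evaluate(p)
        print(f"{action:5} {p.note:45} <- {rule}")
```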